This one-day course is delivered by our information security experts and aims to give you an overview of the benefits and purpose of an information security management system (ISMS). The requirements are reviewed in detail, along with the processes involved in establishing, implementing, operating, monitoring, reviewing and improving an ISMS.
You will learn how to protect your organisation from a breach in information security and understand the advantages of implementing ISO 27001:2013 requirements and gaining certification.
Who should attend?
Individuals working for any business area that interacts with stakeholder data and information as data management and protection, IT services, human resources and financial & accounting.
What will you learn?
- Benefits, purpose and processes involved in managing an ISMS
- Purpose, intent and understanding of the requirements for ISO 27001 certification
- Basic principles of the standard and an overview of the (PDCA) cycle
- The basic approach to risk assessment
- To develop an information security infrastructure
- To identify assets, risk owners, threats, vulnerabilities and business impacts
- To identify any gaps in your existing controls and address the controls within Annex A of the standard
- The subjects of confidentiality, integrity and availability of information and the importance of these when assessing risks and implementing controls
- The design, deployment and review of the risk assessment methodology.
What do you need to prepare?
Knowledge about the types of data held by your organisation and the methods used to store and process this data.
- 7 CPD hours
- Training course materials
- Lunch and refreshments
- Certificate of attendance.
Your future development
- ISO 27001:2013 Implementation
- ISO 27001:2013 Internal Auditor
- ISO 27001:2013 Auditor/Lead Auditor CQI & IRCA certified
- GDPR Data Protection Officer Workshop
- Data Protection Impact Assessment Workshop.